Azure Sphere has three components. The first is customized microcontroller units (MCUs) for IoT devices, which are authenticated using certificates encoded in on-board chips.

The second component is the Azure Sphere OS, which runs on the IoT devices, helps secure and authenticate the hardware, and is based on a custom version of the Linux kernel.

The third is the Azure Sphere Security Service, a cloud-based offering that keeps devices patched with the latest security updates and detects threats to these connected devices for 10 years after their rollout.

Microsoft believes Azure Sphere will help vendors secure smart appliances for home and business users, as well as allowing larger companies to protect their networked infrastructure.

“We want to make sure that through the lifetime of these devices they are secure.”

McCaffrey gave authentication as an example of how Azure Sphere will strengthen the notoriously weak security of IoT devices.

Rather than relying on passwords to authenticate each device to the cloud-based Azure Sphere Security Service, boards will instead include chips encoded with certificates that authenticate their identity, which will be checked by the OS and the cloud service.

“We’ve totally eliminated this attack vector from the Azure Sphere ecosystem by not even using passwords to control the MCUs,” she said.

The OS provides multiple other layers of security alongside its role in helping authenticate each board, including running apps in containers and a built-in security monitor.

Microsoft is working with various chip manufacturers and designers to create certified Azure Sphere boards for IoT devices, which will have authentication certificates baked into the silicon.

The first Azure Sphere-approved MCU will be the MediaTek 3620, a forthcoming Arm-based system-on-a-chip packing one 500MHz Cortex A7 processing core and two low-power Cortex M4 cores, alongside Wi-Fi connectivity.

Microsoft says this approach of pairing two energy-sipping cores with a relatively beefy single core will allow for IoT devices that cater to a wide range of uses.

The new Azure Sphere hardware on show at Microsoft’s reveal at the RSA Conference in San Francisco yesterday.

Azure Sphere is currently available in private preview, and Microsoft is working with other device manufacturers, including NXP Semiconductors, Nuvoton, and Qualcomm, to develop new Azure Sphere boards. The first Azure Sphere devices are expected to go on sale by the end of 2018, with the first dev kits available by mid-2018.